Test ID:	1.3.6.1.4.1.25623.1.0.900163
Category:	Denial of Service
Title:	RealVNC VNC Viewer Remote Code Execution Vulnerability - Linux
Summary:	RealVNC VNC Viewer is prone to a security vulnerability.
Description:	Summary: RealVNC VNC Viewer is prone to a security vulnerability. Vulnerability Insight: The flaw is due to error in 'CMsgReader::readRect()' function in common/rfb/CMsgReader.cxx processing encoding types, and is exploited by sending specially crafted messages to the application. Vulnerability Impact: Successful exploitation will allow execution of arbitrary code when user connects to a malicious server. Affected Software/OS: RealVNC VNC Free Edition version prior to 4.1.3 on all running platform Solution: Update to version 4.1.3 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4770 BugTraq ID: 31832 http://www.securityfocus.com/bid/31832 BugTraq ID: 33263 http://www.securityfocus.com/bid/33263 https://www.redhat.com/archives/fedora-package-announce/2009-January/msg01025.html http://www.gentoo.org/security/en/glsa/glsa-200903-17.xml http://www.realvnc.com/pipermail/vnc-list/2008-November/059432.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9367 http://www.redhat.com/support/errata/RHSA-2009-0261.html http://secunia.com/advisories/32317 http://secunia.com/advisories/33689 http://secunia.com/advisories/34184 http://sunsolve.sun.com/search/document.do?assetkey=1-26-248526-1 http://www.vupen.com/english/advisories/2008/2868 XForce ISS Database: realvnc-cmsgreader-code-execution(45969) https://exchange.xforce.ibmcloud.com/vulnerabilities/45969 XForce ISS Database: realvnc-rfb-protocol-code-execution(47937) https://exchange.xforce.ibmcloud.com/vulnerabilities/47937
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.